Security Projects
Security Information and Event Management (SIEM)
Lead procurement, deployment, operationalization of multiple on-prem and cloud-based SIEM-platforms and Service Providers, in environments large (3k endpoints, 12k users) to small (600 endpoints and 350 users)
RSA Envision, ArcSight, Azure Sentinel
Endpoint Protection Platforms
Procurement, deployment, operationalization of Endpoint Detection and Response platforms, maximizing protecting while minimizing interruption to business
Crowdstrike, Palo Alto Cortex, McAfee
Vulnerability Management Platforms
From requirement gathering to procurement to implementation, to the roll out of new and optimizing processes for addressing and reporting on vulnerabilities.
Tenable, Rapid7 deployments
Firewalls and SD-WAN
Experience managing deployment and management of next-generation firewalls, and co-managed solutions with service providers
Palo Alto Networks, PAN Prisma Access, CATO Networks SD-WAN
Security Program Assessment & Design
Provide leadership to develop security programs, measure and report on maturity and establish a multi-year maturity roadmap.
Incident Response & Disaster Recovery
Lead development of cyber incident response plan, lead incident response table top exercises, and development of playbooks to address scenarios.
Privacy Projects
National Registry of Physicians
Provided privacy leadership into the technical design of the Registry in Azure, and privacy diligence activities for launching the NRP. Negotiated inclusion of 12 provincial and territorial Medical Registration Authorities (MRAs) to voluntarily participate in a national data-sharing register of physician data in Canada.
Digital Dealer Registration
Conducted a Privacy Impact Assessment (PIA) for the cloud-based DDR platform which enabled automotive dealerships to register new and used vehicles remotely.
Data Exchange Platform
Conducted a Privacy Impact Assessment on a new cloud-based data sharing and processing platform leveraging Azure DataBricks, Data Lake, and Azure Purview for transferring sensitive information.
REACH Portal
Conducted a PIA of a regional clinical data sharing portal, in addition to administering governance meetings, and operationalizing the portal, and support amendments to the data sharing agreements.
EPIC Health Information System
Responsible for providing privacy and security diligence activities including facilitating PIAs and TRAs on a hospital's new electronic health information system.
REDCap Data Collection Platform
Completed PIA on a data platform used to collect and store personal health information for research purposes.